Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1165 | 1 Yager Development | 1 Yager Game | 2017-07-10 | 5.0 MEDIUM | N/A |
| Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data. | |||||
| CVE-2005-1171 | 1 Datenbank Module | 1 Datenbank Module | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2005-1176 | 1 Ibm | 1 Aix | 2017-07-10 | 1.2 LOW | N/A |
| Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. | |||||
| CVE-2005-1177 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2017-07-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. | |||||
| CVE-2005-1178 | 1 Oracle | 1 Forms | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature. | |||||
| CVE-2005-1179 | 1 Xerox | 19 Workcentre, Workcentre 165, Workcentre 175 and 16 more | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703. | |||||
| CVE-2005-1180 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 5.0 MEDIUM | N/A |
| HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. | |||||
| CVE-2005-1181 | 1 Ariadne | 1 Ariadne Cms | 2017-07-10 | 7.5 HIGH | N/A |
| ** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005. | |||||
| CVE-2005-1182 | 1 Ibm | 1 Os 400 | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. | |||||
| CVE-2005-1183 | 1 Mvnforum | 1 Mvnforum | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | |||||
| CVE-2005-1185 | 1 Musicmatch | 1 Jukebox | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe. | |||||
| CVE-2005-1186 | 1 Musicmatch | 1 Jukebox | 2017-07-10 | 6.8 MEDIUM | N/A |
| Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks. | |||||
| CVE-2005-1187 | 1 X-ways Software Technology Ag | 1 Winhex | 2017-07-10 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability. | |||||
| CVE-2005-1188 | 1 Comersus Open Technologies | 1 Comersus Cart | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter. | |||||
| CVE-2005-1189 | 1 Webcamxp | 1 Webcamxp Pro | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites. | |||||
| CVE-2005-1190 | 1 Webcamxp | 1 Webcamxp Pro | 2017-07-10 | 5.0 MEDIUM | N/A |
| WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a denial of service via a long chat name, which takes up too much display space and prevents the chat frame from being properly rendered. | |||||
| CVE-2005-1193 | 1 Phpbb Group | 1 Phpbb | 2017-07-10 | 7.5 HIGH | N/A |
| The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag. | |||||
| CVE-2005-1195 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. | |||||
| CVE-2005-1200 | 1 Azbb | 1 Az Bulletin Board | 2017-07-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-1201 | 1 Azbb | 1 Az Bulletin Board | 2017-07-10 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist. | |||||